<?php
	include 'config.php';
	include 'includes/user.class.php';
	$isloggedin = CheckLogin($mysql);
	$perms = CheckPermissions($mysql);
	
	if(!empty($_GET['do'])){
		if($_GET['do'] == "login"){
			if(!empty($_POST['username']) && !empty($_POST['password'])){
				$username = strip_tags($_POST['username']);
				$password = strip_tags($_POST['password']);
				$warning = "";
				$status = DoLogin($mysql,$username,$password);
				$loggedin = false;
				switch($status){
					case "loggedin": $loggedin = true; break;
					case "nouser": $warning = "No such user exists."; break;
					case "wrongpass": $warning = "The password was incorrect."; break;
					case "success": $loggedin = true; break;
				}
				if($loggedin == true){ die('<meta HTTP-EQUIV="REFRESH" content="0; url=index.php">'); }				
			}
		
		}elseif($_GET['do'] == "logout"){
			DoLogout($mysql);
			echo '<meta HTTP-EQUIV="REFRESH" content="0; url=index.php">';
			$isloggedin = false;
		}
	}
	
	ob_start();
	
?>

<div class="loginbox">
	<?php if(!empty($warning)){ echo "<div class=\"warningmsg\">$warning</div>"; } ?>
	<form action="login.php?do=login" method="post">
	<center><h3>Login</h3></center>
		<table align="center">
		<tr><td>Username: </td><td><input autocomplete="no" type="text" name="username" /></td></tr>
		<tr><td>Password: </td><td><input type="password" name="password" /></td></tr>
		<tr><td colspan="2" align="right"><input type="submit" value="Login" /></td></tr>
		</table>
	</form>
</div><br />

<?php
		$sectiontitle = "<a href=\"login.php\">Login</a>";
		$pagetitle = "Login";
		$content = ob_get_flush(); ob_end_clean();
		include $user_style.'index.php';
?>